Skip to main content
CVE-2024-12971 HIGH POC THREAT Act Now

Pandora FMS monitoring platform versions 700 through 777.6 contain a command injection vulnerability that allows OS command execution. The improper neutralization of special elements in monitoring agent communication enables attackers to execute arbitrary commands on the Pandora FMS server with the application's privileges.

Command Injection Pandora Fms
NVD
CVSS 4.0
8.6
EPSS
73.6%
Threat
5.4
CVE-2025-25914 CRITICAL POC Act Now

SQL injection vulnerability in Online Exam Mastering System v.1.0 allows a remote attacker to execute arbitrary code via the fid parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE SQLi Online Exam Mastering System
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2025-29909 HIGH POC PATCH This Week

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight. Rated high severity (CVSS 8.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Integer Overflow Buffer Overflow RCE Denial Of Service Cryptolib
NVD GitHub
CVSS 4.0
8.9
EPSS
1.7%
CVE-2025-29912 HIGH POC PATCH This Week

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight. Rated high severity (CVSS 8.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Heap Overflow RCE Denial Of Service Cryptolib
NVD GitHub
CVSS 4.0
8.9
EPSS
1.1%
CVE-2025-29911 HIGH POC This Week

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight. Rated high severity (CVSS 8.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Heap Overflow RCE Denial Of Service Cryptolib
NVD GitHub
CVSS 4.0
8.9
EPSS
0.5%
CVE-2025-29913 HIGH POC This Week

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight. Rated high severity (CVSS 8.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Buffer Overflow RCE Denial Of Service Cryptolib
NVD GitHub
CVSS 4.0
8.9
EPSS
0.4%
CVE-2025-2370 HIGH POC This Week

A vulnerability was found in TOTOLINK EX1800T up to 9.1.0cu.2112_B20220316. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Ex1800T Firmware TOTOLINK
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
0.6%
CVE-2025-2369 HIGH POC This Week

A vulnerability was found in TOTOLINK EX1800T up to 9.1.0cu.2112_B20220316. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Ex1800T Firmware TOTOLINK
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
0.6%
CVE-2025-2359 MEDIUM POC This Month

A vulnerability classified as critical has been found in D-Link DIR-823G 1.0.2B05_20181207. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Information Disclosure Dir 823G Firmware
NVD VulDB
CVSS 4.0
6.9
EPSS
0.5%
CVE-2025-2360 MEDIUM POC This Month

A vulnerability classified as critical was found in D-Link DIR-823G 1.0.2B05_20181207. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Information Disclosure Dir 823G Firmware
NVD VulDB
CVSS 4.0
6.9
EPSS
0.4%
CVE-2025-2391 MEDIUM POC This Month

A vulnerability classified as critical was found in code-projects Blood Bank Management System 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Blood Bank Management System
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.1%
CVE-2025-2383 MEDIUM POC This Month

A vulnerability, which was classified as critical, has been found in PHPGurukul Doctor Appointment Management System 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Doctor Appointment Management System
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.1%
CVE-2025-2382 MEDIUM POC This Month

A vulnerability classified as critical was found in PHPGurukul Online Banquet Booking System 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Banquet Booking System
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.1%
CVE-2025-2381 MEDIUM POC This Month

A vulnerability classified as critical has been found in PHPGurukul Curfew e-Pass Management System 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Curfew E Pass Management System
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.1%
CVE-2025-2380 MEDIUM POC This Month

A vulnerability was found in PHPGurukul Apartment Visitors Management System 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Apartment Visitors Management System
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.1%
CVE-2025-2372 MEDIUM POC This Month

A vulnerability classified as critical has been found in PHPGurukul Human Metapneumovirus Testing Management System 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Human Metapneumovirus Testing Management System
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.1%
CVE-2025-2387 MEDIUM POC This Month

A vulnerability was found in SourceCodester Online Food Ordering System 2.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Food Ordering System
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.1%
CVE-2025-2386 MEDIUM POC This Month

A vulnerability was found in PHPGurukul Local Services Search Engine Management System 1.0 and classified as critical.php. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Local Services Search Engine Management System
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.1%
CVE-2025-2385 MEDIUM POC This Month

A vulnerability has been found in code-projects Modern Bag 1.0 and classified as critical. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Modern Bag
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.1%
CVE-2025-2379 MEDIUM POC This Month

A vulnerability was found in PHPGurukul Apartment Visitors Management System 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Apartment Visitors Management System
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.1%
CVE-2025-2362 MEDIUM POC This Month

A vulnerability was found in PHPGurukul Pre-School Enrollment System 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Pre School Enrollment System
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.1%
CVE-2025-2378 MEDIUM POC This Month

A vulnerability was found in PHPGurukul Medical Card Generation System 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Medical Card System
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.1%
CVE-2025-29429 MEDIUM POC This Month

Code-projects Online Class and Exam Scheduling System V1.0 is vulnerable to Cross Site Scripting (XSS) in /pages/program.php via the id, code, and name parameters. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Online Class And Exam Scheduling System
NVD GitHub
CVSS 3.1
6.1
EPSS
0.1%
CVE-2025-29427 MEDIUM POC This Month

Code-projects Online Class and Exam Scheduling System V1.0 is vulnerable to Cross Site Scripting (XSS) in profile.php via the member_first and member_last parameters. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

PHP XSS Online Class And Exam Scheduling System
NVD GitHub
CVSS 3.1
5.9
EPSS
0.1%
CVE-2025-2395 CRITICAL Act Now

The U-Office Force from e-Excellence has an Improper Authentication vulnerability, allowing unauthenticated remote attackers to use a particular API and alter cookies to log in as an administrator. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Authentication Bypass U Office Force
NVD
CVSS 3.1
9.8
EPSS
0.5%
CVE-2025-29910 MEDIUM POC This Month

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Cryptolib
NVD GitHub
CVSS 4.0
5.5
EPSS
0.3%
CVE-2025-29425 MEDIUM POC This Month

Code-projects Online Class and Exam Scheduling System 1.0 is vulnerable to SQL Injection in exam_save.php via the parameters member and first. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Class And Exam Scheduling System
NVD GitHub
CVSS 3.1
5.5
EPSS
0.1%
CVE-2025-2368 MEDIUM POC This Month

A vulnerability was found in WebAssembly wabt 1.0.36 and classified as critical.cc of the component Malformed File Handler. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Wabt Red Hat
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.6%
CVE-2025-2200 CRITICAL Act Now

SQL injection vulnerability in the IcProgreso Innovación y Cualificación plugin. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP SQLi
NVD
CVSS 4.0
9.3
EPSS
0.2%
CVE-2025-2199 CRITICAL Act Now

SQL injection vulnerability in the Innovación y Cualificación local administration plugin ajax.php. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP SQLi
NVD
CVSS 4.0
9.3
EPSS
0.2%
CVE-2025-2374 MEDIUM POC This Month

A vulnerability, which was classified as critical, has been found in PHPGurukul Human Metapneumovirus Testing Management System 1.0.php. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Human Metapneumovirus Testing Management System
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.1%
CVE-2025-2373 MEDIUM POC This Month

A vulnerability classified as critical was found in PHPGurukul Human Metapneumovirus Testing Management System 1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Human Metapneumovirus Testing Management System
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.1%
CVE-2025-2419 MEDIUM POC This Month

A vulnerability classified as critical has been found in code-projects Real Estate Property Management System 1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Real Estate Property Management System
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.1%
CVE-2025-2390 MEDIUM POC This Month

A vulnerability classified as critical has been found in code-projects Blood Bank Management System 1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Blood Bank Management System
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.1%
CVE-2025-2384 MEDIUM POC This Month

A vulnerability, which was classified as critical, was found in code-projects Real Estate Property Management System 1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Real Estate Property Management System
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.1%
CVE-2025-25650 CRITICAL Act Now

An issue in the storage of NFC card data in Dorset DG 201 Digital Lock H5_433WBSK_v2.2_220605 allows attackers to produce cloned NFC cards to bypass authentication. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass
NVD GitHub
CVSS 3.1
9.1
EPSS
0.3%
CVE-2024-54525 HIGH This Week

A logic issue was addressed with improved file handling. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple File Upload
NVD
CVSS 3.1
8.8
EPSS
1.7%
CVE-2025-2392 MEDIUM POC This Month

A vulnerability, which was classified as critical, has been found in code-projects Online Class and Exam Scheduling System 1.0.php. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Class And Exam Scheduling System
NVD GitHub VulDB
CVSS 4.0
5.1
EPSS
0.1%
CVE-2025-2389 MEDIUM POC This Month

A vulnerability was found in code-projects Blood Bank Management System 1.0. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Blood Bank Management System
NVD GitHub VulDB
CVSS 4.0
5.1
EPSS
0.1%
CVE-2025-2377 MEDIUM POC This Month

A vulnerability was found in SourceCodester Vehicle Management System 1.0 and classified as problematic. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Vehicle Management System
NVD GitHub VulDB
CVSS 4.0
5.1
EPSS
0.1%
CVE-2025-2375 MEDIUM POC This Month

A vulnerability, which was classified as problematic, was found in PHPGurukul Human Metapneumovirus Testing Management System 1.0. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Human Metapneumovirus Testing Management System
NVD GitHub VulDB
CVSS 4.0
5.1
EPSS
0.1%
CVE-2025-2371 MEDIUM POC This Month

A vulnerability was found in PHPGurukul Human Metapneumovirus Testing Management System 1.0. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Human Metapneumovirus Testing Management System
NVD GitHub VulDB
CVSS 4.0
5.1
EPSS
0.1%
CVE-2025-2393 MEDIUM POC This Month

A vulnerability, which was classified as critical, was found in code-projects Online Class and Exam Scheduling System 1.0. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Class And Exam Scheduling System
NVD GitHub VulDB
CVSS 4.0
5.1
EPSS
0.1%
CVE-2025-2396 HIGH This Week

The U-Office Force from e-Excellence has an Arbitrary File Upload vulnerability, allowing remote attackers with regular privileges to upload and execute web shell backdoors, thereby enabling. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft RCE File Upload U Office Force
NVD
CVSS 3.1
8.8
EPSS
0.6%
CVE-2024-48013 HIGH This Week

Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s) an Execution with Unnecessary Privileges vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Dell Privilege Escalation Smartfabric Os10
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2024-49559 HIGH This Week

Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s) an Use of Default Password vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Dell Authentication Bypass Smartfabric Os10
NVD
CVSS 3.1
8.8
EPSS
0.2%
CVE-2024-12992 HIGH This Week

Improper Neutralization of Special Elements used in a Command vulnerability allows OS Command Injection via RCE.6 . Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Pandora Fms
NVD
CVSS 4.0
8.6
EPSS
0.6%
CVE-2025-0833 HIGH This Week

A stored Cross-site Scripting (XSS) vulnerability affecting Route Management in ENOVIA Collaborative Industry Innovator from Release 3DEXPERIENCE R2023x through Release 3DEXPERIENCE R2024x allows an. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS 3dexperience Enovia
NVD
CVSS 3.1
8.7
EPSS
0.1%
CVE-2025-0832 HIGH This Week

A stored Cross-site Scripting (XSS) vulnerability affecting Project Gantt in ENOVIA Collaborative Industry Innovator from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x allows an. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS 3dexperience Enovia
NVD
CVSS 3.1
8.7
EPSS
0.1%
CVE-2025-0830 HIGH This Week

A stored Cross-site Scripting (XSS) vulnerability affecting Meeting Management in ENOVIA Change Manager from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x allows an attacker to. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS 3dexperience Enovia
NVD
CVSS 3.1
8.7
EPSS
0.1%
Page 1 of 3 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy